Apple patches major flaws with iOS 9.3.5

27 August 2016

Transcript

Update your iOS devices right now.
Trident vulnerabilities could completely compromise iOS devices.
The research firms that discovered the problem have dubbed the issues trident.
So let's dive into trident.
It was found by two cyber security firms.
Lookout and citizen lab.
The exploits are used by spyware called Pegasus.
Citizen Lab found that Pegasus is a product of the NSO Group.
The NSO Group reportedly specializes in cyber war.
So how are Trident and Pegasus found out?
A human rights activist, Ahmed Mansoor, received text messages with links that promised secrets about detainees in the Unite Arab Emirates.
Mansoor did not click the links.
Instead, he sent the messages to Citizen Lab.
Citizen Lab recognized that the links were related to the NSO Group.
The research firm works with Lookout and found that if the links were clicked, the iPhone would be jailbroken and malware would be installed.
Jailbreaking an iPhone allows people to install apps outside of Apple's official app store.
Look out says Pegasus is the most sophisticated attack it seen.
The company also says Pegasus is very customizable.
It can be used to spy on all kinds of apps like Facebook, Skype, Whatsapp, and Gmail.
On top of that, look out police Pegasus has been out in the wild for significant amount of time.
The company says it believes the vast majority of users will not be impacted by Pegasus.
All three vulnerabilities were patched in iOS 9.3.5.
To update your iOS device go to Settings then General and tap Software Update.
Get iOS 9.3.5 if you don't have it already.
That's it for this tech news update.
I'm Iyaz Akhtar, and you can stay on top of the biggest stories at cnet.com/update.
[MUSIC]